[ previous ] [ next ] [ threads ]
 
 From:  Andrew White <andywhite at gmail dot com>
 To:  Ray Soucy <rps at maine dot edu>
 Cc:  Egbert Jan <egbert at vandenbussche dot nl>, m0n0wall dash dev at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall-dev] native IPV6 needs dhcp6c
 Date:  Thu, 29 Apr 2010 15:31:58 +0100
yes, there are 3 defined duid types for ipv6, but if I recall the RFC, there
is nothing mandating adherence to these 3, it states they should be
considered opaque values, specifically so future types don't cause breakage.

dhcp6d if it finds a mac as the duid in it's config, it will interpret it as
duid-ll and prepend the missing info, I believe this was to help people
going from dhcpv4 to v6.

M0n0wall will allow you to put in a mac addr, and then dhcp6d will interpret
it as above, it also allows a full DUID, and doesn't check if it matches any
of the 3 known types, inline with the RFC statement that it shouldn't
enforce them.

wrt windows 7, when I looked at it's duid, it didn't appear to match any of
the 3 types, and I couldn't find any docs indicating what it used, and
indeed recall finding other people finding it didn't match ll,tt or en , a
quick check and I can't find a reference now though.

wrt PD, yes it appears some ISP's are looking at this, and also 6RD.  My ISP
uses simple pppoe and ppp6 (?) and that's it...

dhcp6d is very small and perfectly functional, ISC has many more features,
but is considerably bigger, and not in keeping with m0n0's small footprint
(Manuel and I debated this previously).  The one missing feature from dhcp6d
is a lease file.

dhcp6c again is small, and does the basic features people are interested in,
indeed earthlink and many other ISP's used KAME as the standard
for compatibility testing of CPE.

Adding dhcp6c to give m0n0 support of PD is potentially simple, though
making the menus logical will require a change as it could be dhcp6c + dhcp
or dhcp6c + pppoe or dhcp6c + pppoe + ppp  etc.   Finding something 'real'
to test against is harder for me as my isp doesn't support it, though I
could reconfigure a cisco like an ISP







On Thu, Apr 29, 2010 at 2:27 PM, Ray Soucy <rps at maine dot edu> wrote:

> This is incorrect.
>
> Windows 7 respects the RFC for use of a DUID (actually all
> implementations of DHCPv6 by MS currently respect the RFC's, shocking
> I know...)
>
> There are three supported DUID types currently supported:
> (1) DUID-TTL
> (2) DUID-EN
> (3) DUID-LL
>
> The first 16 bits of the DUID indicate the type (1, 2, or 3).  e.g. a
> TTL DUID will begin with 0001, and a LL DUID with 0003.
>
> DUID-TTL and DUID-LL are the most common as they're based on a
> physical address.  These two types use the next 16 bits to identify
> the hardware type (for Ethernet it will be 0001).
>
> Linux DHCPv6 clients typically use DUID-LL by default.  So the format
> is "00030001" + MAC address.  DUID-TTL is the same thing except adds a
> 32-bit timestamp before the LL address when generated to ensure
> uniqueness.
>
> I should also note that the DUID is generated and stored once per
> device, even if they physical interfaces are changed it will continue
> to use the same DUID.
>
> I should also note that the DUID is generated using "any" available
> interface on the device; there is no requirement that the system use
> the active interface to generate the DUID (though this is the typical
> behavior).
>
> You can take a look at RFC 3315 for the details.  Just know that a
> DUID made up of only the MAC address (without following one of the
> three formats mentioned above) is invalid and you shouldn't allow the
> user to add such a DUID.
>
> This is a pretty fundamental shift from what people are used to for
> DHCP so it's important that people understand the difference.
>
> I would advise against using dhcp6c and dhcp6s from the Kame project
> if possible as ISC's implementation is becoming the standard for those
> of us actually running IPv6.
>
> As far as delivering IPv6 to residential users, DHCPv6-PD is certainly
> becoming the way a lot of ISPs want to go.  Functional CPE that works
> "out of the box" is what's missing.
>
> On Thu, Apr 29, 2010 at 8:47 AM, Andrew White <andywhite at gmail dot com> wrote:
> > My last comment on this outside of the forums because it's important
> these
> > questions are asked on the forums as others will learn from the thread ,
> > it's searchable (including google) and others can contribute.
> >
> >
> > You may not need to do anything at all.
> >
> > m0n0wall supports ipv6 via a number of mechanisms including ppp/pppoe.
> >
> > DHCP-PD is an aide to help configure your LAN side addressing, but more
> than
> > likely they will announce your subnet down your ppp tunnel, or give you
> > your assignment on your support page after you login.  This being the
> case,
> > m0n0wall will suggest an ip address based on receiving this announcement
> if
> > you enable RA on the WAN, and wait to receive an announcement.
> >
> > DHCP-PD should only be required if you are given a different home subnet
> on
> > a regular basis, and reconfiguring your WAN would be a pain, but that
> really
> > would not be normal in an ipv6 environment where you get a subnet
> associated
> > with your UID.
> >
> > DUID's are supposed to be static according to the RFC's and most OS's use
> > the MAC address to form their DUID, but Windows 7 , for example, doesn't.
> >  AFAIK, MS don't clearly publish their method for deriving their DUID
> (which
> > is why you must enter a DUID in dhcp6d for windows 7 systems, and just a
> MAC
> > for others).
> >
> > On Wed, Apr 28, 2010 at 6:32 PM, Egbert Jan <egbert at vandenbussche dot nl>
> wrote:
> >
> >> Hi Andy.
> >>
> >> Well.. the request is to put into the image what is neccessary to get
> >> native
> >> Ipv6 going. I'm currently in a pilot for native IPv6 with prefix
> delegation
> >> on unnumbered link organized by XS4ALL a major player here in NL.
> >>
> >> Integration is needed for wide-dhcp6-client and radvd might need
> pacthing.
> >> The DHCP6 client needs a configuration file. Parameters should be set
> via
> >> the GUI. Logging what goes on is essential as is a status display. ppp
> >> might
> >> need extensions to send/receive IPV6CP. Also a unique but no-changing
> DUID
> >> must be created (or kept) in the confuguration. I would advise a type 3
> >> DUID; only based on MAC address, or a choice of all three  types. ;-)
> >>
> >> I saw that it should be possible to use exec.php to add dhcp6c and
> config.
> >> I
> >> did not go thru that all, though... I took another piece of (x86)
> hardware
> >> and installed OpenWRT 10.03. Got that working today. Still, when
> monowall
> >> becomes available, I will stay on that platform. OpenWRT is quite new to
> >> me.
> >> It has a nice look and feel and there is a full commandline (ash in
> >> busybox). I must say that it rocks.
> >>
> >> I do not know how rigid the 8 Mb image size barrier is that you
> developers
> >> seem to have set for yourselves. With the newer hardware it is hardly an
> >> issue anymore imho. OpenWRT formats whatever extra space you have and
> uses
> >> unionfs to overlap. So I have plenty of room on my 256 Mb IDE-Flashcard.
> >>
> >> HTH
> >> Egbert Jan
> >>
> >>
> >> > -----Oorspronkelijk bericht-----
> >> > Van: Andrew White [mailto:andywhite at gmail dot com]
> >> > Verzonden: woensdag 28 april 2010 17:31
> >> > Aan: Egbert Jan
> >> > CC: m0n0wall dash dev at lists dot m0n0 dot ch
> >> > Onderwerp: Re: [m0n0wall-dev] native IPV6 needs dhcp6c
> >> >
> >> >
> >> > Can you post the feature request here ?  I might get some
> >> > time to look at this in the next 2-3 weeks, work permitting.
> >> >
> >> > Also, if you tried using dhcp6c , posting your results in there too ?
> >> >
> >> > On Thu, Apr 22, 2010 at 2:14 PM, Egbert Jan
> >> > <egbert at vandenbussche dot nl> wrote:
> >> >
> >> > > It would be wonderful when dhcp6c could be in the 1.33 (or
> >> > a later...)
> >> > > release! With a posibility to configure via the
> >> > webinterface offcause!
> >> > > There is some activity already; there is an image that can
> >> > be uploaded
> >> > > via the exec.php page. This is cumbersome though...
> >> > >
> >> > > Any chance that dhcp6c is finding its way into Monowall???
> >> > >
> >> > > Egbert Jan
> >> > >
> >> > >
> >> > >
> >> > ---------------------------------------------------------------------
> >> > > To unsubscribe, e-mail: m0n0wall dash dev dash unsubscribe at lists dot m0n0 dot ch
> >> > > For additional commands, e-mail: m0n0wall dash dev dash help at lists dot m0n0 dot ch
> >> > >
> >> > >
> >> >
> >>
> >>
> >
>
>
>
> --
> Ray Soucy
>
> Epic Communications Specialist
>
> Phone: +1 (207) 561-3526
>
> Networkmaine, a Unit of the University of Maine System
> http://www.networkmaine.net/
>